ZA200506363B - Method for processing security message in a mobile communication system - Google Patents

Method for processing security message in a mobile communication system Download PDF

Info

Publication number
ZA200506363B
ZA200506363B ZA200506363A ZA200506363A ZA200506363B ZA 200506363 B ZA200506363 B ZA 200506363B ZA 200506363 A ZA200506363 A ZA 200506363A ZA 200506363 A ZA200506363 A ZA 200506363A ZA 200506363 B ZA200506363 B ZA 200506363B
Authority
ZA
South Africa
Prior art keywords
security
message
check
integrity check
security message
Prior art date
Application number
ZA200506363A
Inventor
Sung D Chun
Seung J Yin
Young D Lee
Original Assignee
Lg Electronics Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lg Electronics Inc filed Critical Lg Electronics Inc
Publication of ZA200506363B publication Critical patent/ZA200506363B/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Description

. LL . Method for Processing Security Mess age in Mobile
Communication System :
Technical Field
The present invention relates to a message processing method applied to mobile communication, and more particularly, to a method for processing a security message in a RRC layer.
Background Art
UMTS (universal mobile telecommunicatiorms system) includes
UE (user equipment), UTRAN (UMTS terresstrial radio access network), and CN (core network). Moreover, the UTRAN comprises a plurality of RNSs (radio metwork subsystems).
Each of the RNS comprises RNC (radio network controller) and a plurality of Node Bs managed by the RNC. A Node B receives uplink signals transmitted from UE and transmits downlink signals to the UE. The RNC takes charge of allocation and management of radio resource, and plays a role of an access point to connect the Node Bs to the CN. Each UE connected to the UMTS is managed by a specific RNC im the UTRAN, and the specific RNC is called SRNC (serving RNC). ' The UTRAN configures, maintains, and wmanages RABs (radio access bearers) for the communications between the UE and the CN. The CN applies end-to-end QoS (quality of service) requirements to the RAB, and the RAB supports Qos
. ] -o- . requirements set up by the CN. The UTRAN therefore configures, maintains, and manages the RAB, thereby enabling to meet the end-to-end QoS requir-ements.
A radio interface protocol vertically comprises a physical layer, a data link layer, and a network layer and horizontally comprises a user plane for providing data information and a control plane £or providing signaling. The protocol layers are grouped into Ll (layer 1), L2 (layer 2), and L3 (layer 3) based on three lower layers of an OSI (open system interconnection) reference model. The L1 provides upper layers with information transfer service using various radio transmission techniques. Ared, the Ll is connected to a
MAC (medium access control) layer of the upper layers via transport channels.
A RLC layer supports data transmzission reliably and carries out segmentation and concatenation on RLC SDUs (service data units) transferred from the upper layers. The RLC SDUs transferred from the upper layers are divided into RLC data units that can be processed in the RLC layer, and header information is added to the divided RLC data units to transfer to the MAC layer as a form of PDU (protocol data ’ unit) .
A PDCP (packet data convergence protocol) layer is disposed over the RLC layer. The PDCP layer makes data, which is transferred through the network protocol, be transmitted
. Ne } efficiently over a radio interface of which bandwidth is relatively narrow. A BMC (broadcast/multicast control) lazyer schedules UEs to which a CB (cell broadcast) message transferred from the CN will be transmitted, and transfers the CB message to the corresponding UEs located in speci fic cells) on the basis of the scheduling.
On request from higher layers, A RRC (radio resouzxce control) layer controls transport and physical channels to perform the establishment, reconfiguration, and release of
RBs (radio bearers). In this case, the RB means a service provided by the L2 for data transfer between the UE and
UTRAN.
Meanwhile, various channels for receiving/transmitting data are defined between the UEs and the UTRAN to use. Data are sent and received between the PHY layer of UE and that of the UTRAN using the physical channel. In addition to physical channel, data transport paths between the protocol layers are defined as transport and logical channels in ‘the radio access network of the UMTS. The logical channels are provided for data exchange between the RLC and MAC layer, while the transport channels are provided for data exchamge ' between the MAC and PHY layer. Mapping between transport channels is performed in the MAC layer, while another mapping between the transport and physical layers is performed in the physical layer.
i” . Various kinds of messages are received/transmitted between the terminal and UTRAN. ‘Security check’ is mostly carried ) out to protect data contained in the messages. Such ‘security check’ includes ‘c-dphering’ and ‘integrity check’.
The ciphering adds a specif-ic mask, which is known to both of transmitting and receivimg parties only, to a message sO that a third party failing to know the mask is unable to recognize the contents of the message.
And, the integrity check is used for checking whether an unauthorized third party has altered the contents of the message or whether the transmission is made by an unauthenticated party. Namely, the integrity check is performed for integrity protection and is a procedure required for checking whether the contents of the received message are intentionally and previously changed by the third party.
In the UMTS, the ciphering and the integrity check are simultaneously carried out on most of the messages transferred to the RRC layer and most of the control messages transmitted to the upper layers of the RRC layer.
And, the ciphering is carried out on other general user data ’ only. Such integrity check can be carried out in the RRC layer.
Thus, if the message of which contents are changed by the third party between the transmitting and receiving parties
. is received, or in order to filter a message transmitted from the unauthenticated transmitting party, tlhe receiving party carries out the integrity check on the received messacge. Hence, the received message is normally processed or discarded according to whether the received message passes the integrity check or not.
For irastance, one of the received messages may be a security setup control message. In connection between the UE and the network (ex. UTRAN), the security setup control message is used for initiating to secure messages that will be transmitted thereafter. Moreover, the security setup control message can be used for controlling security-relating environment variables that are used for the connection on which the security process has been carried out.
Information, which is related to controlling the security- relat-ing environment variables, among the contemts contained in the security setup control message is called security- relatdng environment setup information. Yet, tthe security- relat-ing information contained in the security setup control message itself can be changed by the unauthenticated third party or can be transmitted by the unauthenticated ) transenitting party, whereby it is unable to ely on such securdty-relating information.
TEN P)
Disclosure of invention
Accordingly, the present invention is directed toc a method fox processing a security message in mobile communication system that substantially obviates one or more problems due to limitations and disadvantages of the related art.
A need exists to provide a security setup control message processing method including security check of a security message itself.
Additional advantages, needs, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those hawing ordinary skill in the art upon examination of the follow ing or may be learned from practice of the invention. The needs and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
To fulfill these needs and achieve other advantages and in accordance with the purpose of the invention, as embodied and broadly described herein, a method for processing security message in mobile communication system according to the present invention includes the steps of xeceiving the security message, storing previous security-relating variables, carrying out security check on the security me ssage, discarding or processing the security message
AMENDED SHEET
. . : co } according to a result of the security check, and updating the security-relating variables.
The present invention is characterized in that the security check of the security message itself is performed to secure integrity protection.
It is to be understood that both the foregoing general description and the following detailed description of the present invention are exemplary and explanatory and are intended to provide further explanation of the invention as claimed.
Brief Description of Drawirmgs
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment (s) of the inwention and together with the description serve to explain the principle of the invention.
In the drawings:
FIG. 1 illustrates a flowchart of a general message processing method;
FIG. 2 illustrates a flowchart of a method for processing a ’ security setup control message according to a first embodiment of the present invention;
FIG. 3 illustrates a flowchart of a method for processing a security setup control message according to a second ro ’. embodiment of the present inwention;
FIG. 4 illustrates a diagram of one embodiment representing
COUNT-I in security-relating environment variables; and
FIG. 5 illustrates a diagram for explaining one embodiment of generating an authentication value in integrity check.
Detailed Description of the Invention
Reference will now be made in detail to the preferred embodiments of the present imvention, examples of which are illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings to refer to the same or like parts.
FIG. 1 illustrates a flowchart of a general message processing method.
Referring to FIG. 1, UE (usex equipment) firstly receives a general message (S11) and then carries out integrity check on it (S12). In accordance with a result of the integrity check, the message is normally processed or discarded.
Namely, if the message passes the integrity check, it is normally processed (S13). If the message fails to pass the integrity check, it is disscarded since there exists a security problem (S14).
FIG. 2 illustrates a flowchart of a method for processing a security setup control message according to a first embodiment of the present invention.
AMENDED SHEET i Referring to FIG. 2, UE (user equipment) receives a security setup control message (s21). And, security-relating environment variables are updated using security-relating environment setup information contained in the received security setup control message (S22). The UE (ex. terminal) carries out security check on the security setup control message itself using the updated security-relating environment variables (S823). The secuxity check includes integrity check. If the security setup control message passes the integrity check, the message is normally processed (S24). Yet, if the security setup control message fails to pass the integrity check, the message is judged as abnormal so that the received security setup control message is discarded (S25). Moreover, it is unable to rely on the security-relating environment setup information included in the security setup control message. Herace, it is unable to use the security-relating environment setup information.
In the first embodiment of the present invention, once a receiving party receives the security setup control message, the previously set security-relating emvironment variables are updated with the security-relating environment setup ’ information included in the message, and the previous security-relating environment variables are discarded. Hence, the security-relating environment varialoles of the receiving party do not coincide with those of a& transmitting party
~10-
X anymore, it is unable to further exchange messages, and the receiving party cannot be provided with furthex requested services.
FIG. 3 illustrates a flowchart of a method for processing a security setup control message according to a second embodiment of the present invention.
Referring to FIG. 3, a method for processing a security setup control message is carried out in a following manner.
First of alll, UE (user equipment) receives a secturity setup control mes sage (S31). Before the UE carries o-ut security check on the security setup control message itself, security-relating environment variables which were previously set are temporarily stored (S32). And, the security-relating environment variables are updated using security-relating environment setup information included in the received security setup control message (S33).
The UE (ex. terminal) carries out security clhieck on the security setup control message itself using -the updated security-relating environment variables (S34) . And, the security check includes integrity check. If the security setup control message passes a result of the integrity check, the tempoxarily stored security-relating environment variables are deleted (835). Thereafter, security check is carried out on messages received later using the updated security-re lating environment variables and the message is
} normally pr-ocessed (S36).
However, if the security setup control message fails to pass the integr-ity check, it is handled such that the security setup control message is not received. Namely, if it is judged that the message is abnormal, the received security setup cont rol message is discarded (837). Moreover , the security-reslating environment setup information included in the security setup control message cannot be used simce it ig not reliable. Thus, in case that the security setup control message is unable to pass the security check, the security setup control message is discarded as well as the temporarily stored security-relating environment vari ables are restored (S38). And, messages received later- are processed wsing the restored security-relating environment variables.
In accordamce with the second embodiment of the present invention, even if the message of which contents are claanged in the middle of transmission from the UTRAN to UE is received, or even if the security setup control message provided fr-om an unauthenticated party is received, Zit is able to maimtain the security-relating environment vari.ables : to be equal to those of the terminal using the previ ously set security-relating environment variables by storing and restoring t hem. Hence, if the security-relating environment setup variables are deleted instead of being stored, it is able to prevent the case that the message cannot be processed later due to the difference between the securi ty- relating environment variables of the UE and the UTRAN.
A method of performing the integrity check is explained in detail as follows. For such explanation, parameters required for performing the integrity check are explained. In order to perform the integrity check, required are such parameters as IK (integrity key), COUNT-I, MESSAGE, DIRECTION (direction identifier, 1bit), and FRESH.
FIG. 4 illustrates a diagram of one embodiment represent. ing
COUNT-I in security -relating environment variables.
COUNT-I is one of security-relating environment variables.
Namely, the COUNT-I is a value corresponding to a sequence number for integrity check.
Referring to FIG. <4, the COUNT-I includes a pair of areas.
One area of the two includes RRC HFN (hyper frame number) of 28 bits, while the other area of the two includes RRC SN (sequence number) of 4 bits.
A procedure of updating the security-relating environment variables is carried out in a manner that HFN as a value of upper 28 bits of tlie COUNT-I is reset. Namely, the reset HFN : may be a START value transmitted recently by a terminal, oO, or a specific value. And, UE carries out security check: on the received security setup control message using the updated security-relating environment variables.
. The IK among the parameters for performing the integrity check indica tes an integrity key, which is generated from an authenticati on procedure in an upper layer of the RRC layer to have the RRC layer be informed of. A value of the IK is not transmitted via a radio interface, but the uppex layer of the RRC Mayer in the terminal and a network (ex. UTRAN) calculate values of the IK to use based on specific input values, respectively.
A value of the START is read from an SIM card when the terminal din-dtiates connection between RRC layers of the
UTRAN and the terminal, and is transmitted to the UTRAN. The value of the START, which is included in a message transmitted from the upper layer of the RRC layer of the terminal, may be transmitted to the UTRAN. While the connection between the RRC layers of the UTRAN and terminal is activated, the value of the START is defined as the greatest nurnber of upper 20 bits of the currently used values of the COUNT-I or COUNT-C (which is used for ciphering and plays a role similar to the COUNT-I). And the value of the START currently used between the RRC layers of the terminal and UTRAN is stored in the SIM card when the : connection between the RRC layers of the terminal and UTRAN ends.
The MESSAGE means a message which is transmitted itself. The
DIRECTION is a direction discriminator and its value varies in accordance with uplink or downlink. The DIRECTION c an be set as ‘0’ or ‘1’ on uplink or downlink. The FRESH is a value given to each terminal independently, and is a value that UTRAN transmits to UE on an initial state of the RRC connection. Namely, the value of the FRESH is an arbi trary number that UTRAN transmits to UE, which is for securirmg the security of the UTRAN from the terminal reusing the wvralues of the COUNT-I and MAC-I in a manner that UTRAN providles UE with a new val ue every RRC connection. A value of the MAC-I (message authemtication code-I) is a message authentication code calculateed using UIA (UMTS integrity algorithm) with security-relat ing environment values, which is an integrity checksum inserted in RRC PDU.
If there is no procedure of updating the value of the FRESH, a security irivader easily wakes the security of UTRAN vulnerable by requesting that the value of the START" that will be used as an upper value of the COUNT-I should loe set into a very small value when new connection betweem RRC layers is requested and then ‘by using a pair of vales of the
SN and MAC-I which was used for the previous connection between the RRC layers. Yet, such vulnerability oX the security can loe prevented by assigning a new value of the
FRESH in UTRAN whenever the connection between RRC layers is newly established.
FIG. 5 illustrates a diagram for explaining one embodiment
] of generating an authentication value in integrity check, in which ‘f9’ is a standardized integrity check authentication generation algorithm adopted by 3GPP.
Referring to FIG. 5, UTRAN and terminal use values of the parameters as input values, thereby generating values of
MAC- I and XMAC-I using such an algorithm as ‘£9’. The MAC-I is an integrity check authentication value generated from the UTRAN, and the XMAC-I is an integrity check authentication value generated from the terminal. If all input values of the UTRAN and terminal are equal to each other, the values of the MAC-I and XMAC-I generated from the procedure of FIG. 3 will be equal to each other. Yet, if the mess age is changed in the middle of processing, input values of MESSAGE of receiving and transmitting parties are diff erent from each other so that the value of the XMAC-I is not equal to that of the MAC-I.
Hence, if the values of the MAC-I and XMAC-I are not equal to each other as a result of comparison, the terminal judges that contents of the received security setup control message are intentionally changed during transmission or that the received security setup control message is transmitted from an unauthenticated party. In such a case, the security setup cont rol message is judged as invalid, thereby failing to pass the integrity check. UTRAN changes a portion of the input values used for the procedure in FIG. 3 whenever
) sending a new message. And, the UTRAN generates a new MAC-I each time using the partial change of input values. This is performed to prevent that an unauthorized party reuses the value of the MAC-I to pass the integrity check.
For this, the UTRAN increases the SN value of the COUNT-I by increment of ‘1’ whenever sending a message. As mentioned in the foregoing description, the SN value constructs lower 4 bits of the COUNT-I. Being 4 bits, the SN value can have values ranging between 0-~15 and sequentially increases by ‘1’ from ‘0’. Once the SN value becomes ‘15’, the next SN value becomes ‘0’ and then increases by the increment of ‘1’ again. Thus, HFN corresponding to upper value of the COUNT-I value is increased by ‘1’ whenever the SN becomes back to ‘0’ from ‘15’.
Hence, such a method brhings about the effect that the COUNT-
I increases by ‘1’ each time, whereby the input values are changed in part in a ciphering authentication value calculation procedure.
Meanwhile, if the term-nal recognizes the SN value of the received message and judges that the SN value has completed one cycle, the terminal increases its HFN value by ‘1’. Thus, the COUNT-I can coincide with that of the transmitting party.
If such a method is used, the terminal and UTRAN can have the same COUNT-I information even if SN information is sent only. Besides, security information leakage, which may occur
} when the entire COUNT-I is sent, to a third party can be preverated. Hence, UTRAN enables the receiving party to accurately calculate the XMAC-I value as well as adds the SN value as lower value of the COUNT-I to the message of each message transmission to prevent the unauthor-ized third party from passing the integrity check. And, the MAC-I value, which will be used as a reference for the terminal to perform the integrity check, is added to the message to transmit.
Once WUE receives the security setup control message, it is necessary to perform the security check of the SN value. For this, UE manages its local parameter SN only using the SN values received so far. If the SN value tramsmitted together with the security setup control message Is equal to the local parameter SN value of the terminal, it can be assumed that a third party sends the message using tthe same security information of the transmitting party ox that the same message is transmitted again from the authenticated UTRAN.
In such a case, the terminal immediately discards the security setup control message.
The terminal configures COUNT-I using the SN value received ’ together with the security setup control message and calculates XMAC-I using the parameters set previously in
COUNT -I and UE. The parameters set previously in UE include
MESSAGE, DIRECTION, FRESH.
By comparing the MAC-I value transmitted together with the security setup control message to the XMAC-I value calculated by UE, the UE performs the integrity check of the security setup control message.
Once the receiwed security setup control message passes the integrity check, the receiving party stores the SN value included in the message in the local parameter SN and uses it for the SN walue check of the next message.
Industrial Applicability
Accordingly, t he method according to the present invention is implemented as a program and can be stored in recording media (CD ROM, floppy disk, hard disk, optical magnetic disk, etc.) as a formm that can be read by computer. Such a process is apparent tco those skilled in the art, whereby its explanation is skipped in this description.
It will be app arent to those skilled in the art that various modifications and variations can be made in the present invention. Thus, it is intended that the present invention covers the modifications and variations of this invention provided they come within the scope of the appended claims ’ and their equi.valents.
[IS Tr. -18a- "Comprises/comprising"” when used in this specification is taken to specify the presence of stated features, integers, steps or components but does not preclude the presence Or addition of one or more other features, integers, steps Or components or groups thereof.
AMENDED SHEET

Claims (9)

i Claims
1. A method for processing security messsage in mobile communication system, comprising the steps of: receiving the security message; storing previous security-relating variables; carrying out security check on the security message; discarding or processing the security message according to a result of the security check; and updating the security-relating variables.
2. The method of claim 1, wherein the security check is integrity check.
3. The method of claim 2, the integrity check compriging the steps of: performing an integrity check algorithm by receiving the security-relating variables; and comparing an authentication code calculated by performing the integrity check algorithm to a received authentication code transmitted from a transmitting ' party.
[3 1. :
4. The method ©f claim 3, wherein the step of discardi ng Or processing the security message is carried out in a manner that the security message is processed if the received authentication code is equal to a message authentication code transmitted from the transmitting party or that the security message 1s discarded if the received authentication code is not equal to the message authentication code.
5. The method of claim 1, wherein the step of updating the security-relating variables is carried out in a manner that the stored security-relating variables are restored if the security message is discarded or that the security-rel ating variables included in the received security message are updated into new security-relating variables if the security message is processed.
6. The method of claim 1, wherein the security message is an RRC (radio resource control) message.
7. The method of claim 1, wherein the security message is a signaling message. AMENDED SHEET
4. >
8. The method according to tte invention for processing security message in mobil e communication system, substantially as hereinbefore de.scribed or exemplified.
9. The method for processing security message in mobile communication system including amy new and inventive integer or combination of integers, substantially as herein described. AMENDED SHEET
ZA200506363A 2003-02-11 2005-08-10 Method for processing security message in a mobile communication system ZA200506363B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020030008512A KR100956823B1 (en) 2003-02-11 2003-02-11 Method of processing a security mode message in a mobile communication system

Publications (1)

Publication Number Publication Date
ZA200506363B true ZA200506363B (en) 2006-07-26

Family

ID=36167036

Family Applications (1)

Application Number Title Priority Date Filing Date
ZA200506363A ZA200506363B (en) 2003-02-11 2005-08-10 Method for processing security message in a mobile communication system

Country Status (11)

Country Link
US (2) US20040242195A1 (en)
EP (1) EP1593278B1 (en)
JP (1) JP4397818B2 (en)
KR (1) KR100956823B1 (en)
CN (1) CN100544478C (en)
AU (1) AU2003288764B2 (en)
MX (1) MXPA05008418A (en)
RU (1) RU2336665C2 (en)
UA (1) UA85178C2 (en)
WO (1) WO2004073347A1 (en)
ZA (1) ZA200506363B (en)

Families Citing this family (70)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100956823B1 (en) * 2003-02-11 2010-05-11 엘지전자 주식회사 Method of processing a security mode message in a mobile communication system
KR100664110B1 (en) * 2004-02-04 2007-01-04 엘지전자 주식회사 Usage restriction setting method for mobile communication device
US7869590B2 (en) * 2005-04-12 2011-01-11 Broadcom Corporation Method and system for hardware accelerator for implementing f9 integrity algorithm in WCDMA compliant handsets
JP4671776B2 (en) * 2005-06-15 2011-04-20 株式会社エヌ・ティ・ティ・ドコモ Confidential processing apparatus and confidential processing method
DE102005039366B4 (en) * 2005-06-24 2008-10-09 Infineon Technologies Ag Telecommunication terminal, telecommunication system, telecommunication session server unit, method for generating and transmitting a telecommunication session message, method for managing a telecommunication session message, computer readable storage media and computer program elements
GB2429607B (en) 2005-08-26 2010-02-10 Samsung Electronics Co Ltd Improvements in mobile telecommunication security
WO2007108660A1 (en) * 2006-03-22 2007-09-27 Lg Electronics Inc. Asymmetric cryptography for wireless systems
EP1997294A4 (en) * 2006-03-22 2014-08-27 Lg Electronics Inc Security considerations for the lte of umts
KR101252812B1 (en) * 2006-04-25 2013-04-12 주식회사 엘지씨엔에스 Network security device and method for controlling of packet data using the same
KR101088618B1 (en) * 2006-06-19 2011-11-30 인터디지탈 테크날러지 코포레이션 Method and apparatus for security protection of an original user identity in an initial signaling message
KR101265643B1 (en) 2006-08-22 2013-05-22 엘지전자 주식회사 A mothod of executing handover and controlling thereof in mobile communication system
US8619685B2 (en) 2006-10-02 2013-12-31 Lg Electronics Inc. Method for transmitting and receiving paging message in wireless communication system
US8428013B2 (en) 2006-10-30 2013-04-23 Lg Electronics Inc. Method of performing random access in a wireless communcation system
KR100938754B1 (en) 2006-10-30 2010-01-26 엘지전자 주식회사 Data transmission method and data receiving method using discontinuous reception
US8442017B2 (en) 2006-10-30 2013-05-14 Lg Electronics Inc. Method for transmitting random access channel message and response message, and mobile communication terminal
CN101202936B (en) * 2006-12-11 2010-12-08 大唐移动通信设备有限公司 Method, system realizing RRC signal order integrality protection referring to SRNS relocation and wireless network controller
CN101589596B (en) * 2007-01-26 2013-02-27 交互数字技术公司 Method and apparatus for securing location information and access control using the location information
WO2008097044A1 (en) * 2007-02-06 2008-08-14 Lg Electronics Inc. Verification of system information in wireless communication system
USRE45347E1 (en) 2007-04-30 2015-01-20 Lg Electronics Inc. Methods of transmitting data blocks in wireless communication system
WO2008133480A1 (en) * 2007-04-30 2008-11-06 Lg Electronics Inc. Method for transmitting or receiving data unit using header field existence indicator
US8184570B2 (en) 2007-04-30 2012-05-22 Lg Electronics Inc. Method of transmitting data in wireless communication system supporting multimedia broadcast/multicast service
US8543089B2 (en) * 2007-04-30 2013-09-24 Lg Electronics Inc. Method for performing an authentication of entities during establishment of wireless call connection
KR20080097338A (en) 2007-05-01 2008-11-05 엘지전자 주식회사 Discontinuous data transmittion/reception method
US20080273482A1 (en) * 2007-05-02 2008-11-06 Lg Electronics Inc. Uplink access method for receiving a point-to-multipoint service
US20080273503A1 (en) * 2007-05-02 2008-11-06 Lg Electronics Inc. Method and terminal for performing handover in mobile communications system of point-to-multipoint service
KR100917205B1 (en) 2007-05-02 2009-09-15 엘지전자 주식회사 Method of configuring a data block in wireless communication system
US7817595B2 (en) * 2007-05-17 2010-10-19 Htc Corporation Communication system, user device thereof and synchronization method thereof
US8068451B2 (en) * 2007-05-17 2011-11-29 Htc Corporation Communication system, user device thereof and synchronization method thereof
KR101451434B1 (en) * 2007-06-18 2014-10-21 엘지전자 주식회사 Paging information transmission method for effective call setup
KR101526971B1 (en) * 2007-06-18 2015-06-11 엘지전자 주식회사 Method for transmitting/receiving broadcast or multicast service and terminal thereof
KR101470638B1 (en) 2007-06-18 2014-12-08 엘지전자 주식회사 Method for enhancing radio resource and informing status report in mobile telecommunications system and receiver of mobile telecommunications
KR101486352B1 (en) 2007-06-18 2015-01-26 엘지전자 주식회사 Method of controlling uplink synchronization state at a user equipment in a mobile communication system
EP2015478B1 (en) 2007-06-18 2013-07-31 LG Electronics Inc. Method of performing uplink synchronization in wireless communication system
WO2008156314A2 (en) 2007-06-20 2008-12-24 Lg Electronics Inc. Effective system information reception method
KR101392697B1 (en) 2007-08-10 2014-05-19 엘지전자 주식회사 Method for detecting security error in mobile telecommunications system and device of mobile telecommunications
KR101490253B1 (en) 2007-08-10 2015-02-05 엘지전자 주식회사 Method of transmitting and receiving control information in a wireless communication system
US9008006B2 (en) 2007-08-10 2015-04-14 Lg Electronics Inc. Random access method for multimedia broadcast multicast service(MBMS)
US8422385B2 (en) 2007-08-10 2013-04-16 Lg Electronics Inc. Control method for uplink connecting of idle terminal
KR101514841B1 (en) 2007-08-10 2015-04-23 엘지전자 주식회사 Method for re-attempting a random access effectively
WO2009022877A2 (en) 2007-08-14 2009-02-19 Lg Electronics Inc. A method of transmitting and processing data block of specific protocol layer in wireless communication system
KR101397003B1 (en) * 2007-09-05 2014-05-20 엘지전자 주식회사 Methods of data communication in mobile communication system
KR100937432B1 (en) 2007-09-13 2010-01-18 엘지전자 주식회사 Method of allocating radio resources in a wireless communication system
KR101461970B1 (en) 2007-09-13 2014-11-14 엘지전자 주식회사 Method of performing polling procedure in a wireless communication system
KR101435844B1 (en) 2007-09-18 2014-08-29 엘지전자 주식회사 Method of transmitting a data block in a wireless communication system
KR101591824B1 (en) 2007-09-18 2016-02-04 엘지전자 주식회사 Method of performing polling procedure in a wireless communication system
KR101513033B1 (en) 2007-09-18 2015-04-17 엘지전자 주식회사 A method for qos guarantees in a multilayer structure
KR101387537B1 (en) 2007-09-20 2014-04-21 엘지전자 주식회사 A method for handling correctly received but header compression failed packets
US8687565B2 (en) 2007-09-20 2014-04-01 Lg Electronics Inc. Method of effectively transmitting radio resource allocation request in mobile communication system
CN101415184A (en) * 2007-10-17 2009-04-22 雅斯拓(北京)智能卡科技有限公司 Method to other people shielding mobile telephone message
KR20090041323A (en) 2007-10-23 2009-04-28 엘지전자 주식회사 Method of effectively transmitting identification information of terminal during the generation of data block
EP2208294B1 (en) 2007-10-29 2019-07-31 LG Electronics Inc. Method of repairing a security failure
KR101163275B1 (en) 2008-03-17 2012-07-05 엘지전자 주식회사 Method for transmitting pdcp status report
WO2009116788A1 (en) 2008-03-17 2009-09-24 Lg Electronics Inc. Method of transmitting rlc data
KR101674947B1 (en) * 2009-04-21 2016-11-10 엘지전자 주식회사 Efficient Security Related Procedure
US8566593B2 (en) * 2009-07-06 2013-10-22 Intel Corporation Method and apparatus of deriving security key(s)
RU2636013C1 (en) * 2011-10-28 2017-11-17 Нек Корпорейшн Protected method for starting machine-type communication device
US9100940B2 (en) 2011-11-28 2015-08-04 Cisco Technology, Inc. System and method for extended wireless access gateway service provider Wi-Fi offload
US20130235724A1 (en) * 2012-03-09 2013-09-12 Sevis Systems, Inc. System and Method for Optimizing and Eliminating Congestion for WAN Interfaces within the Access Domain
CN102612028B (en) * 2012-03-28 2015-04-15 电信科学技术研究院 Method, system and device for configuration transmission and data transmission
US8990916B2 (en) * 2012-07-20 2015-03-24 Cisco Technology, Inc. System and method for supporting web authentication
RU2596935C2 (en) * 2014-07-01 2016-09-10 Федеральное государственное казенное учреждение "Войсковая часть 35533" Device for blocking unauthorised information tapping from cellular telephone
GB2529194A (en) * 2014-08-12 2016-02-17 Vodafone Ip Licensing Ltd Machine-to-machine cellular communication security
US9992670B2 (en) 2014-08-12 2018-06-05 Vodafone Ip Licensing Limited Machine-to-machine cellular communication security
KR102213885B1 (en) * 2014-11-28 2021-02-08 삼성전자주식회사 Apparatus and method for controlling security mode in wireless communication system
JP6654652B2 (en) 2015-03-13 2020-02-26 エバースピン コーポレーション Dynamic security module generation method and generation apparatus
WO2016148473A1 (en) * 2015-03-13 2016-09-22 주식회사 에버스핀 Method and apparatus for generating dynamic security module
US20160316373A1 (en) * 2015-04-27 2016-10-27 Qualcomm Incorporated Techniques for managing security mode command (smc) integrity failures at a user equipment (ue)
US11212680B2 (en) 2016-09-13 2021-12-28 Nokia Technologies Oy PDCP count handling in RRC connection resume
US10171993B2 (en) * 2017-05-05 2019-01-01 Nokia Technologies Oy Identity request control for user equipment
KR20230062197A (en) * 2021-10-29 2023-05-09 삼성전자주식회사 Method and apparatus for security enhancement in AS layer in next-generation mobile communication systems

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI113119B (en) * 1997-09-15 2004-02-27 Nokia Corp A method for securing communications over telecommunications networks
RU2132597C1 (en) 1998-03-25 1999-06-27 Войсковая часть 43753 Method for encryption and transmission of encrypted voice data in gsm-900 and dcs-1800 cellular mobile communication networks
US6243811B1 (en) 1998-07-31 2001-06-05 Lucent Technologies Inc. Method for updating secret shared data in a wireless communication system
GB0004178D0 (en) * 2000-02-22 2000-04-12 Nokia Networks Oy Integrity check in a communication system
DE10025271A1 (en) * 2000-05-22 2001-11-29 Siemens Ag Method for establishing a connection between a terminal and a serving cellular network, cellular network and terminal therefor
US6733576B2 (en) * 2000-09-20 2004-05-11 Pgi International, Ltd. Gas sampling separator
FI111423B (en) * 2000-11-28 2003-07-15 Nokia Corp A system for securing post-handover communications
AU2001221632A1 (en) * 2000-11-28 2002-06-11 Nokia Corporation System and method for authentication of a roaming subscriber
KR100789565B1 (en) * 2001-04-07 2007-12-28 엘지전자 주식회사 Method for setting up radio bearer and Method for ciphering perform of each radio bearer and Method for ciphering data thereof
US7088988B2 (en) * 2002-11-12 2006-08-08 Motorola Inc. Over-the-air subsidy lock resolution
KR100956823B1 (en) * 2003-02-11 2010-05-11 엘지전자 주식회사 Method of processing a security mode message in a mobile communication system

Also Published As

Publication number Publication date
US7471943B2 (en) 2008-12-30
KR20040072858A (en) 2004-08-19
EP1593278B1 (en) 2012-08-01
US20040162065A1 (en) 2004-08-19
WO2004073347A1 (en) 2004-08-26
CN1748438A (en) 2006-03-15
EP1593278A1 (en) 2005-11-09
RU2336665C2 (en) 2008-10-20
US20040242195A1 (en) 2004-12-02
AU2003288764A1 (en) 2004-09-06
JP2006514466A (en) 2006-04-27
RU2005128294A (en) 2006-01-27
KR100956823B1 (en) 2010-05-11
UA85178C2 (en) 2009-01-12
AU2003288764B2 (en) 2008-10-30
JP4397818B2 (en) 2010-01-13
MXPA05008418A (en) 2006-02-03
CN100544478C (en) 2009-09-23

Similar Documents

Publication Publication Date Title
AU2003288764B2 (en) Method for processing security message in mobile communication system
US11025597B2 (en) Security implementation method, device, and system
JP2006514466A5 (en)
JP3464664B2 (en) How to check the amount of data sent
KR100865357B1 (en) Method and apparatus of modifying integrity protection configuration in a mobile user equipment of a wireless communications system
US8543089B2 (en) Method for performing an authentication of entities during establishment of wireless call connection
WO2022025566A1 (en) Methods and systems for deriving cu-up security keys for disaggregated gnb architecture
US8606228B2 (en) Method, user network equipment and management system thereof for secure data transmission
CN113038467B (en) Event information reporting method and communication device
CN115918113A (en) User equipment contact strategy
EP1406423A1 (en) Network structure for encrypting of mobile communication system terminal and the method of realizin it
US20240137757A1 (en) Systems and methods for authorization of proximity based services
CN110876150B (en) Method, module and equipment for monitoring base station behaviors
CN116530119A (en) Method, device and system for protecting serial numbers in wireless network
CN115150089A (en) Block chain uplink method, device, electronic equipment and storage medium
CN116471590A (en) Terminal access method, device and authentication service function network element
CN117376900A (en) Communication method and device
CN115699672A (en) Method for preventing encrypted user identity from replay attack
NZ755869B2 (en) Security implementation method, device and system